CA Top Secret r16 Security Target ST Version: 1.0 August 18, 2017 3333 Warrenville Road Suite 800 Lisle, IL 60532 Prepared By: Cyber Assurance Testing Laboratory 304 Sentinel Drive, Suite 100 Annapolis Junction, MD 20701 Security Target CA Top Secret r16 Table of Contents 1 Security Target Introduction ................................................................................................................. 6 1.1 ST Reference ................................................................................................................................. 6 1.1.1 ST Identification ................................................................................................................... 6 1.1.2 Document Organization ........................................................................................................ 6 1.1.3 Terminology .......................................................................................................................... 7 1.1.4 Acronyms .............................................................................................................................. 8 1.1.5 References ............................................................................................................................. 9 1.2 TOE Reference .............................................................................................................................. 9 1.3 TOE Overview .............................................................................................................................. 9 1.4 TOE Type .................................................................................................................................... 13 2 TOE Description ................................................................................................................................. 14 2.1 Evaluated Components of the TOE ............................................................................................ 14 2.2 Components and Applications in the Operational Environment ................................................. 14 2.3 Excluded from the TOE .............................................................................................................. 15 2.3.1 Not Installed ........................................................................................................................ 15 2.3.2 Installed but Requires a Separate License ........................................................................... 16 2.3.3 Installed but Not Part of the TSF ........................................................................................ 16 2.4 Physical Boundary ...................................................................................................................... 17 2.5 Logical Boundary ........................................................................................................................ 17 2.5.1 Enterprise Security Management ........................................................................................ 18 2.5.2 Security Audit ..................................................................................................................... 18 2.5.3 Communications ................................................................................................................. 18 2.5.4 User Data Protection ........................................................................................................... 19 2.5.5 Identification and Authentication ........................................................................................ 19 2.5.6 Security Management ......................................................................................................... 19 2.5.7 Protection of the TSF .......................................................................................................... 20 2.5.8 Resource Utilization ............................................................................................................ 20 2.5.9 TOE Access ........................................................................................................................ 20 2.5.10 Trusted Path/Channels ........................................................................................................ 21 3 Conformance Claims .......................................................................................................................... 22 1 | P a g e Security Target CA Top Secret r16 3.1 CC Version .................................................................................................................................. 22 3.2 CC Part 2 Conformance Claims .................................................................................................. 22 3.3 CC Part 3 Conformance Claims .................................................................................................. 22 3.4 PP Claims .................................................................................................................................... 22 3.5 Package Claims ........................................................................................................................... 22 3.6 Package Name Conformant or Package Name Augmented ........................................................ 23 3.7 Conformance Claim Rationale .................................................................................................... 23 4 Security Problem Definition ............................................................................................................... 24 4.1 Threats......................................................................................................................................... 24 4.2 Organizational Security Policies ................................................................................................. 25 4.3 Assumptions ................................................................................................................................ 26 4.3.1 Personnel Assumptions ....................................................................................................... 26 4.3.2 Physical Assumptions ......................................................................................................... 26 4.3.3 Connectivity Assumptions .................................................................................................. 26 4.4 Security Objectives ..................................................................................................................... 27 4.4.1 TOE Security Objectives .................................................................................................... 27 4.4.2 Security Objectives for the Operational Environment ........................................................ 29 4.4.3 Operational Environment Components Rationale .............................................................. 30 4.5 Security Problem Definition Rationale ....................................................................................... 30 5 Extended Components Definition ....................................................................................................... 32 5.1 Extended Security Functional Requirements .............................................................................. 32 5.2 Extended Security Assurance Requirements .............................................................................. 32 6 Security Functional Requirements ...................................................................................................... 33 6.1 Conventions ................................................................................................................................ 33 6.2 Security Functional Requirements Summary.............................................................................. 33 6.3 Security Functional Requirements .............................................................................................. 35 6.3.1 Class ESM: Enterprise Security Management .................................................................... 35 6.3.2 Class FAU: Security Audit ................................................................................................. 36 6.3.3 Class FCO: Communications .............................................................................................. 38 6.3.4 Class FDP: User Data Protection ........................................................................................ 39 6.3.5 Class FIA: Identification and Authentication ..................................................................... 43 2 | P a g e Security Target CA Top Secret r16 6.3.6 Class FMT: Security Management ..................................................................................... 44 6.3.7 Class FPT: Protection of the TSF ....................................................................................... 48 6.3.8 Class FRU: Resource Utilization ........................................................................................ 49 6.3.9 Class FTA: TOE Access ..................................................................................................... 49 6.3.10 Class FTP: Trusted Path/Channels ...................................................................................... 49 6.4 Statement of Security Functional Requirements Consistency .................................................... 50 7 Security Assurance Requirements .....................................................................................................